Chinese spies suspected of 'moonlighting' as tawdry ransomware crooks A crew identified as a Chinese government-backed espionage group appears to have started moonlighting as a ransomware player – further evidence that lines are blurring between nation-state cyberspies and financially motivated cybercriminals. According to Symantec’s research team, miscreants broke into “a medium-sized software …
(tl;Dr - could foreign governments use the threat of revealing this unauthorised work "on the side" to blackmail these spies into becoming assets?)
So, what would be likely to happen to this person if the Chinese government were to find out they were doing this?
Is it a Russia-type situation where the government knows they're employing criminals to do their dirty work in the first place and would expect this?
Or is the Chinese government likely to respond negatively because they'd gone behind their employers backs, attracted attention or behaved in a way that didn't suit *them*?
I ask this not out of concern for the person in question, but because if the latter case is true and there's a very serious chance of very negative consequences if their employer ever found out, then they've made themselves the ideal candidate to be blackmailed into revealing or doing whatever a rival government might want from them.
A crew identified as Microsoft appears to have started moonlighting as a operating system replacement player – further evidence that lines are blurring between nation-state profits and financially motivated management making all users discard their computers and buy new computers so they are never seen as cybercriminals, only fancy rich management.
This is not political, this is just a filthy rich coincidence between the USA and China these days.
Chinese window latches seem rather more robust than Russian ones but if they are moonlighting and using state "owned" vulns and malware to lake a few quid on the side I can't imagine it will end well for them.
Unless of course they're self funding deniable purchase of zero days and or further operations
I would expect that foreign agents (aka: spies) are trained in many things "cyber" these days and also have access to a number of resources to do their jobs. It's not surprising that with those tools those agents are finding ways to lever open lots of piggy banks on a freelance basis for fun and profit. As long as they have data to send in to their bosses that shows they're busy at their day job, who's to complain. Other than bosses that might, A: want a cut B: worry that the agent might draw too much attention to themselves.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2025
